npm - @elevasis/core - Versions diffs - 0.1.0 - Mend

@elevasis/core 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (564) hide show

package/src/integrations/oauth/server/refresh.ts ADDED Viewed

@@ -0,0 +1,214 @@
+import { getProviderConfig } from '../provider-registry'
+import type { OAuthToken } from '../types'
+import { getOAuthCredentials } from './credentials'
+/**
+ * In-flight refresh deduplication map.
+ * Keyed by `provider:refreshToken` — concurrent callers with the same expired token
+ * share a single refresh request instead of racing against each other.
+ */
+const inflightRefreshes = new Map<string, Promise<OAuthToken>>()
+/** @internal Exposed for testing — do not use in production code. */
+export function _getInflightRefreshCount(): number {
+  return inflightRefreshes.size
+}
+/**
+ * Refresh OAuth token if expired (pure function)
+ *
+ * Checks if token expires within 5 minutes and refreshes if needed.
+ * Automatically determines provider config from token.provider field.
+ * Respects provider-specific token exchange methods (basic-auth, form-encoded, json-body).
+ * Handles both RFC 6749-compliant (snake_case) and non-compliant (camelCase) providers.
+ */
+export async function refreshOAuthTokenIfExpired(token: OAuthToken): Promise<OAuthToken> {
+  // Validate token has provider field
+  if (!token.provider) {
+    throw new Error('Token missing provider field - cannot refresh')
+  }
+  // Validate refresh token exists
+  if (!token.refreshToken) {
+    throw new Error('Token cannot be refreshed (no refresh_token). User must re-authorize.')
+  }
+  // Check if token is still valid
+  const expiresAt = new Date(token.expiresAt).getTime()
+  const now = Date.now()
+  const bufferMs = 5 * 60 * 1000 // 5 minutes
+  if (expiresAt > now + bufferMs) {
+    console.log('[OAuth] Token still valid, no refresh needed', {
+      provider: token.provider,
+      expiresAt: token.expiresAt,
+      remainingMinutes: Math.floor((expiresAt - now) / 60000)
+    })
+    return token // Still valid
+  }
+  // Token expired, delegate to force refresh
+  return forceRefreshOAuthToken(token)
+}
+/**
+ * Force refresh OAuth token (bypasses expiry check)
+ *
+ * Use this when you receive a 401 from the API even though the token
+ * appeared valid based on expiresAt. This handles cases where:
+ * - The stored expiresAt is stale/incorrect
+ * - The token was revoked before expiry
+ * - Clock skew between systems
+ */
+export async function forceRefreshOAuthToken(token: OAuthToken): Promise<OAuthToken> {
+  // Validate token has provider field
+  if (!token.provider) {
+    throw new Error('Token missing provider field - cannot refresh')
+  }
+  // Validate refresh token exists
+  if (!token.refreshToken) {
+    throw new Error('Token cannot be refreshed (no refresh_token). User must re-authorize.')
+  }
+  // Deduplicate concurrent refreshes for the same token
+  const dedupeKey = `${token.provider}:${token.refreshToken}`
+  const inflight = inflightRefreshes.get(dedupeKey)
+  if (inflight) {
+    console.log('[OAuth] Reusing in-flight refresh', { provider: token.provider })
+    return inflight
+  }
+  const refreshPromise = performTokenRefresh(token)
+  inflightRefreshes.set(dedupeKey, refreshPromise)
+  try {
+    return await refreshPromise
+  } finally {
+    inflightRefreshes.delete(dedupeKey)
+  }
+}
+async function performTokenRefresh(token: OAuthToken): Promise<OAuthToken> {
+  console.log('[OAuth] Force refreshing token', {
+    provider: token.provider,
+    expiresAt: token.expiresAt
+  })
+  // Get provider configuration
+  const config = getProviderConfig(token.provider)
+  // Get client credentials from environment
+  const { clientId, clientSecret } = getOAuthCredentials(config.id)
+  // Perform token refresh using provider-specific exchange method
+  let response: Response
+  switch (config.tokenExchange) {
+    case 'basic-auth': {
+      // Notion pattern: Authorization: Basic {base64(clientId:clientSecret)}
+      const credentials = Buffer.from(`${clientId}:${clientSecret}`).toString('base64')
+      response = await fetch(config.tokenUrl, {
+        method: 'POST',
+        headers: {
+          Authorization: `Basic ${credentials}`,
+          'Content-Type': 'application/json'
+        },
+        body: JSON.stringify({
+          grant_type: 'refresh_token',
+          refresh_token: token.refreshToken
+        })
+      })
+      break
+    }
+    case 'form-encoded': {
+      // Google pattern: application/x-www-form-urlencoded body
+      const params = new URLSearchParams({
+        grant_type: 'refresh_token',
+        refresh_token: token.refreshToken,
+        client_id: clientId,
+        client_secret: clientSecret
+      })
+      response = await fetch(config.tokenUrl, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+        body: params.toString()
+      })
+      break
+    }
+    case 'json-body': {
+      // Most providers: application/json body
+      response = await fetch(config.tokenUrl, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+          grant_type: 'refresh_token',
+          refresh_token: token.refreshToken,
+          client_id: clientId,
+          client_secret: clientSecret
+        })
+      })
+      break
+    }
+    default: {
+      throw new Error(`Unsupported token exchange method: ${config.tokenExchange}`)
+    }
+  }
+  // Handle error response
+  if (!response.ok) {
+    let errorMessage = `Failed to refresh OAuth token for ${config.id}: ${response.status}`
+    try {
+      const errorData = (await response.json()) as Record<string, unknown>
+      // Parse OAuth error response (RFC 6749 Section 5.2)
+      if (errorData.error) {
+        errorMessage += ` - ${errorData.error}`
+        if (errorData.error_description) {
+          errorMessage += `: ${errorData.error_description}`
+        }
+        // Identify invalid_grant errors (user must re-authorize)
+        if (errorData.error === 'invalid_grant') {
+          errorMessage += ' (User must re-authorize)'
+        }
+      }
+    } catch {
+      // If error response is not JSON, use status text
+      errorMessage += ` - ${response.statusText}`
+    }
+    throw new Error(errorMessage)
+  }
+  const data = (await response.json()) as Record<string, unknown>
+  // Defensive normalization: handle both snake_case (RFC 6749) and camelCase
+  const accessToken = (data.access_token ?? data.accessToken) as string | undefined
+  const refreshToken = (data.refresh_token ?? data.refreshToken) as string | undefined
+  const expiresIn = (data.expires_in ?? data.expiresIn ?? 3600) as number
+  // Validate required fields
+  if (!accessToken) {
+    throw new Error(
+      `Invalid token refresh response: missing access_token. Received keys: ${Object.keys(data).join(', ')}`
+    )
+  }
+  console.log('[OAuth] Token refreshed successfully', {
+    provider: token.provider,
+    hasNewRefreshToken: !!refreshToken,
+    expiresInSeconds: expiresIn,
+    validForHours: Math.floor(expiresIn / 3600)
+  })
+  // Return refreshed token with all original fields preserved
+  return {
+    ...token,
+    accessToken,
+    refreshToken: refreshToken || token.refreshToken, // Some providers don't return new refresh token
+    expiresAt: new Date(Date.now() + expiresIn * 1000).toISOString()
+  }
+}

package/src/integrations/oauth/types.ts ADDED Viewed

@@ -0,0 +1,34 @@
+export interface OAuthToken extends Record<string, unknown> {
+  provider: string // OAuth provider ID (notion, google-sheets)
+  accessToken: string
+  refreshToken: string
+  expiresAt: string // ISO 8601 timestamp
+  tokenType: 'Bearer'
+  scope?: string
+}
+export interface OAuthProviderConfig {
+  id: string
+  name: string
+  authUrl: string
+  tokenUrl: string
+  scopes?: string[]
+  authParams?: Record<string, string> // Provider-specific auth params
+  tokenExchange: 'basic-auth' | 'form-encoded' | 'json-body'
+  usePKCE?: boolean
+  // Custom override hooks for edge cases (95% won't need these)
+  customAuthFlow?: (config: OAuthProviderConfig, state: OAuthState) => URL
+  customTokenExchange?: (
+    code: string,
+    config: OAuthProviderConfig
+  ) => Promise<OAuthToken>
+}
+export interface OAuthState {
+  organizationId: string
+  nonce: string
+  timestamp: number
+  credentialName: string
+  provider: string // Which provider this flow is for
+}

package/src/integrations/webhook-endpoints/__tests__/api-schemas.test.ts ADDED Viewed

@@ -0,0 +1,318 @@
+/**
+ * Webhook Endpoint API schemas tests
+ * Tests validation schemas for webhook endpoint CRUD API
+ * Focus: Mass assignment prevention, required field enforcement, partial update rules, type coercion
+ */
+import { describe, it, expect } from 'vitest'
+import {
+  CreateWebhookEndpointRequestSchema,
+  UpdateWebhookEndpointRequestSchema,
+  ListWebhookEndpointsQuerySchema,
+  WebhookEndpointResponseSchema
+} from '../api-schemas'
+const validUuid = 'a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a11'
+const validUuid2 = 'b1eebc99-9c0b-4ef8-bb6d-6bb9bd380a22'
+describe('CreateWebhookEndpointRequestSchema', () => {
+  const validPayload = {
+    name: 'My Inbound Webhook',
+    resourceId: 'my-workflow-workflow'
+  }
+  describe('valid requests', () => {
+    it('accepts name and resourceId', () => {
+      const result = CreateWebhookEndpointRequestSchema.parse(validPayload)
+      expect(result.name).toBe('My Inbound Webhook')
+      expect(result.resourceId).toBe('my-workflow-workflow')
+    })
+    it('accepts optional description', () => {
+      const payload = { ...validPayload, description: 'Receives Stripe events' }
+      const result = CreateWebhookEndpointRequestSchema.parse(payload)
+      expect(result.description).toBe('Receives Stripe events')
+    })
+    it('omits description when not provided', () => {
+      const result = CreateWebhookEndpointRequestSchema.parse(validPayload)
+      expect(result.description).toBeUndefined()
+    })
+    it('accepts empty string description (description is z.string, not NonEmptyString)', () => {
+      const payload = { ...validPayload, description: '' }
+      const result = CreateWebhookEndpointRequestSchema.parse(payload)
+      expect(result.description).toBe('')
+    })
+  })
+  describe('required fields', () => {
+    it('rejects missing name', () => {
+      const { name: _name, ...payload } = validPayload
+      expect(() => CreateWebhookEndpointRequestSchema.parse(payload)).toThrow()
+    })
+    it('accepts missing resourceId (optional field)', () => {
+      const { resourceId: _resourceId, ...payload } = validPayload
+      const result = CreateWebhookEndpointRequestSchema.parse(payload)
+      expect(result.resourceId).toBeUndefined()
+    })
+    it('rejects empty name (NonEmptyString enforcement)', () => {
+      expect(() => CreateWebhookEndpointRequestSchema.parse({ ...validPayload, name: '' })).toThrow()
+    })
+    it('rejects empty resourceId (NonEmptyString enforcement)', () => {
+      expect(() => CreateWebhookEndpointRequestSchema.parse({ ...validPayload, resourceId: '' })).toThrow()
+    })
+  })
+  describe('SECURITY: mass assignment prevention', () => {
+    it('rejects organizationId injection', () => {
+      const payload = { ...validPayload, organizationId: 'attacker-org-id' }
+      expect(() => CreateWebhookEndpointRequestSchema.parse(payload)).toThrow()
+    })
+    it('rejects id injection (server-generated field)', () => {
+      const payload = { ...validPayload, id: validUuid }
+      expect(() => CreateWebhookEndpointRequestSchema.parse(payload)).toThrow()
+    })
+    it('rejects key injection (server-generated field)', () => {
+      const payload = { ...validPayload, key: 'whk_custom_key' }
+      expect(() => CreateWebhookEndpointRequestSchema.parse(payload)).toThrow()
+    })
+    it('rejects status injection', () => {
+      const payload = { ...validPayload, status: 'active' }
+      expect(() => CreateWebhookEndpointRequestSchema.parse(payload)).toThrow()
+    })
+    it('rejects arbitrary unknown fields', () => {
+      const payload = { ...validPayload, malicious: 'value' }
+      expect(() => CreateWebhookEndpointRequestSchema.parse(payload)).toThrow()
+    })
+  })
+})
+describe('UpdateWebhookEndpointRequestSchema', () => {
+  describe('valid partial updates', () => {
+    it('accepts update with name only', () => {
+      const result = UpdateWebhookEndpointRequestSchema.parse({ name: 'New Name' })
+      expect(result.name).toBe('New Name')
+      expect(result.status).toBeUndefined()
+    })
+    it('accepts update with status only', () => {
+      const result = UpdateWebhookEndpointRequestSchema.parse({ status: 'paused' })
+      expect(result.status).toBe('paused')
+    })
+    it('accepts update with resourceId only', () => {
+      const result = UpdateWebhookEndpointRequestSchema.parse({ resourceId: 'other-workflow-workflow' })
+      expect(result.resourceId).toBe('other-workflow-workflow')
+    })
+    it('accepts update with description only', () => {
+      const result = UpdateWebhookEndpointRequestSchema.parse({ description: 'Updated desc' })
+      expect(result.description).toBe('Updated desc')
+    })
+    it('accepts update with all fields', () => {
+      const payload = {
+        name: 'Updated',
+        description: 'New desc',
+        resourceId: 'new-workflow-workflow',
+        status: 'active' as const
+      }
+      const result = UpdateWebhookEndpointRequestSchema.parse(payload)
+      expect(result).toEqual(payload)
+    })
+  })
+  describe('status values', () => {
+    it('accepts active status', () => {
+      const result = UpdateWebhookEndpointRequestSchema.parse({ status: 'active' })
+      expect(result.status).toBe('active')
+    })
+    it('accepts paused status', () => {
+      const result = UpdateWebhookEndpointRequestSchema.parse({ status: 'paused' })
+      expect(result.status).toBe('paused')
+    })
+    it('rejects invalid status value', () => {
+      expect(() => UpdateWebhookEndpointRequestSchema.parse({ status: 'disabled' })).toThrow()
+    })
+    it('rejects empty string status', () => {
+      expect(() => UpdateWebhookEndpointRequestSchema.parse({ status: '' })).toThrow()
+    })
+  })
+  describe('at least one field required', () => {
+    it('rejects empty object', () => {
+      expect(() => UpdateWebhookEndpointRequestSchema.parse({})).toThrow(
+        'At least one field (name, description, resourceId, or status) must be provided'
+      )
+    })
+    it('rejects object with all fields explicitly undefined', () => {
+      expect(() =>
+        UpdateWebhookEndpointRequestSchema.parse({
+          name: undefined,
+          description: undefined,
+          resourceId: undefined,
+          status: undefined
+        })
+      ).toThrow('At least one field')
+    })
+  })
+  describe('SECURITY: mass assignment prevention', () => {
+    it('rejects organizationId injection', () => {
+      const payload = { name: 'Valid', organizationId: 'attacker-org' }
+      expect(() => UpdateWebhookEndpointRequestSchema.parse(payload)).toThrow()
+    })
+    it('rejects id injection', () => {
+      const payload = { name: 'Valid', id: validUuid }
+      expect(() => UpdateWebhookEndpointRequestSchema.parse(payload)).toThrow()
+    })
+    it('rejects unknown fields', () => {
+      const payload = { name: 'Valid', unknownField: 'value' }
+      expect(() => UpdateWebhookEndpointRequestSchema.parse(payload)).toThrow()
+    })
+  })
+})
+describe('ListWebhookEndpointsQuerySchema', () => {
+  describe('defaults', () => {
+    it('accepts empty query and applies defaults', () => {
+      const result = ListWebhookEndpointsQuerySchema.parse({})
+      expect(result.limit).toBe(20)
+      expect(result.offset).toBe(0)
+      expect(result.status).toBeUndefined()
+    })
+  })
+  describe('status filter', () => {
+    it('accepts active status filter', () => {
+      const result = ListWebhookEndpointsQuerySchema.parse({ status: 'active' })
+      expect(result.status).toBe('active')
+    })
+    it('accepts paused status filter', () => {
+      const result = ListWebhookEndpointsQuerySchema.parse({ status: 'paused' })
+      expect(result.status).toBe('paused')
+    })
+    it('rejects invalid status value', () => {
+      expect(() => ListWebhookEndpointsQuerySchema.parse({ status: 'deleted' })).toThrow()
+    })
+  })
+  describe('string coercion (querystring params arrive as strings)', () => {
+    it('coerces string limit to number', () => {
+      const result = ListWebhookEndpointsQuerySchema.parse({ limit: '50' })
+      expect(result.limit).toBe(50)
+    })
+    it('coerces string offset to number', () => {
+      const result = ListWebhookEndpointsQuerySchema.parse({ offset: '100' })
+      expect(result.offset).toBe(100)
+    })
+    it('coerces both limit and offset together', () => {
+      const result = ListWebhookEndpointsQuerySchema.parse({ limit: '10', offset: '30' })
+      expect(result.limit).toBe(10)
+      expect(result.offset).toBe(30)
+    })
+    it('rejects limit above max (100)', () => {
+      expect(() => ListWebhookEndpointsQuerySchema.parse({ limit: '101' })).toThrow()
+    })
+    it('rejects negative offset', () => {
+      expect(() => ListWebhookEndpointsQuerySchema.parse({ offset: '-1' })).toThrow()
+    })
+  })
+})
+describe('WebhookEndpointResponseSchema', () => {
+  const validResponse = {
+    id: validUuid,
+    organizationId: validUuid2,
+    key: 'whk_abc123def456',
+    name: 'Stripe Inbound',
+    description: 'Handles Stripe webhook events',
+    resourceId: 'stripe-handler-workflow',
+    status: 'active' as const,
+    lastTriggeredAt: '2026-03-01T12:00:00.000Z',
+    requestCount: 42,
+    createdAt: '2026-01-01T00:00:00.000Z',
+    updatedAt: '2026-03-01T12:00:00.000Z'
+  }
+  it('accepts a complete valid response object', () => {
+    const result = WebhookEndpointResponseSchema.parse(validResponse)
+    expect(result.id).toBe(validUuid)
+    expect(result.status).toBe('active')
+    expect(result.requestCount).toBe(42)
+  })
+  describe('nullable fields', () => {
+    it('accepts null description', () => {
+      const result = WebhookEndpointResponseSchema.parse({ ...validResponse, description: null })
+      expect(result.description).toBeNull()
+    })
+    it('accepts null lastTriggeredAt (endpoint never triggered)', () => {
+      const result = WebhookEndpointResponseSchema.parse({ ...validResponse, lastTriggeredAt: null })
+      expect(result.lastTriggeredAt).toBeNull()
+    })
+    it('accepts both nullable fields as null', () => {
+      const result = WebhookEndpointResponseSchema.parse({
+        ...validResponse,
+        description: null,
+        lastTriggeredAt: null
+      })
+      expect(result.description).toBeNull()
+      expect(result.lastTriggeredAt).toBeNull()
+    })
+  })
+  describe('forward compatibility (not strict)', () => {
+    it('accepts extra fields in response (allows API additions without breaking clients)', () => {
+      const result = WebhookEndpointResponseSchema.parse({
+        ...validResponse,
+        newFieldFromFutureApiVersion: 'some-value'
+      })
+      expect(result.id).toBe(validUuid)
+    })
+  })
+  describe('field validation', () => {
+    it('rejects invalid UUID for id', () => {
+      expect(() => WebhookEndpointResponseSchema.parse({ ...validResponse, id: 'not-a-uuid' })).toThrow()
+    })
+    it('rejects invalid UUID for organizationId', () => {
+      expect(() => WebhookEndpointResponseSchema.parse({ ...validResponse, organizationId: 'not-a-uuid' })).toThrow()
+    })
+    it('rejects negative requestCount', () => {
+      expect(() => WebhookEndpointResponseSchema.parse({ ...validResponse, requestCount: -1 })).toThrow()
+    })
+    it('rejects invalid datetime for createdAt', () => {
+      expect(() => WebhookEndpointResponseSchema.parse({ ...validResponse, createdAt: 'not-a-date' })).toThrow()
+    })
+    it('rejects invalid status in response', () => {
+      expect(() => WebhookEndpointResponseSchema.parse({ ...validResponse, status: 'unknown' })).toThrow()
+    })
+  })
+})

package/src/integrations/webhook-endpoints/api-schemas.ts ADDED Viewed

@@ -0,0 +1,102 @@
+import { z } from 'zod'
+import { UuidSchema, NonEmptyStringSchema, PaginationSchema } from '../../platform/utils/validation'
+/**
+ * Webhook Endpoint API Validation Schemas
+ *
+ * HTTP request/response validation for the webhook endpoints CRUD API.
+ * These schemas are browser-safe and shared between API and frontend.
+ *
+ * Design notes:
+ * - Request schemas use `.strict()` to reject unknown fields (mass assignment prevention)
+ * - Response schemas do NOT use `.strict()` (allows forward-compatible additions)
+ * - Update schema requires at least one field via `.refine()`
+ */
+/**
+ * Status enum for webhook endpoints
+ */
+export const WebhookEndpointStatusSchema = z.enum(['active', 'paused'])
+/**
+ * POST /api/webhook-endpoints - Create a new webhook endpoint
+ *
+ * The `key` and `id` are generated server-side and not accepted in the request.
+ */
+export const CreateWebhookEndpointRequestSchema = z
+  .object({
+    /** User-facing label for the endpoint */
+    name: NonEmptyStringSchema,
+    /** Target workflow resourceId to invoke on inbound requests (can be set later) */
+    resourceId: NonEmptyStringSchema.optional(),
+    /** Optional description */
+    description: z.string().optional()
+  })
+  .strict()
+export type CreateWebhookEndpointRequest = z.infer<typeof CreateWebhookEndpointRequestSchema>
+/**
+ * PATCH /api/webhook-endpoints/:id - Update an existing webhook endpoint
+ *
+ * At least one field must be provided.
+ */
+export const UpdateWebhookEndpointRequestSchema = z
+  .object({
+    name: NonEmptyStringSchema.optional(),
+    description: z.string().optional(),
+    resourceId: NonEmptyStringSchema.optional(),
+    status: WebhookEndpointStatusSchema.optional()
+  })
+  .strict()
+  .refine(
+    (data) =>
+      data.name !== undefined ||
+      data.description !== undefined ||
+      data.resourceId !== undefined ||
+      data.status !== undefined,
+    { message: 'At least one field (name, description, resourceId, or status) must be provided' }
+  )
+export type UpdateWebhookEndpointRequest = z.infer<typeof UpdateWebhookEndpointRequestSchema>
+/**
+ * Response shape for a single webhook endpoint.
+ * NOT strict — response schemas allow extra fields for forward compatibility.
+ */
+export const WebhookEndpointResponseSchema = z.object({
+  id: UuidSchema,
+  organizationId: UuidSchema,
+  key: z.string(),
+  name: z.string(),
+  description: z.string().nullable(),
+  resourceId: z.string().nullable(),
+  status: WebhookEndpointStatusSchema,
+  lastTriggeredAt: z.string().datetime().nullable(),
+  requestCount: z.number().int().min(0),
+  createdAt: z.string().datetime(),
+  updatedAt: z.string().datetime()
+})
+export type WebhookEndpointResponse = z.infer<typeof WebhookEndpointResponseSchema>
+/**
+ * GET /api/webhook-endpoints - List webhook endpoints query params
+ *
+ * Extends standard pagination with optional status filter.
+ */
+export const ListWebhookEndpointsQuerySchema = PaginationSchema.extend({
+  status: WebhookEndpointStatusSchema.optional()
+})
+export type ListWebhookEndpointsQuery = z.infer<typeof ListWebhookEndpointsQuerySchema>
+/**
+ * Named collection of all webhook endpoint schemas for route registration
+ */
+export const WebhookEndpointSchemas = {
+  CreateRequest: CreateWebhookEndpointRequestSchema,
+  UpdateRequest: UpdateWebhookEndpointRequestSchema,
+  Response: WebhookEndpointResponseSchema,
+  ListQuery: ListWebhookEndpointsQuerySchema
+}

package/src/integrations/webhook-endpoints/index.ts ADDED Viewed

@@ -0,0 +1,28 @@
+/**
+ * Webhook Endpoints Integration
+ *
+ * Generic inbound webhook endpoints — provider-agnostic, self-service, revocable.
+ * Each endpoint gets a unique opaque URL that maps to a target workflow.
+ *
+ * @see apps/docs/content/docs/in-progress/active-development/generic-webhook-endpoints/index.mdx
+ */
+// Domain types
+export type { WebhookEndpoint, WebhookEndpointStatus } from './types'
+// API schemas and inferred types
+export {
+  WebhookEndpointStatusSchema,
+  CreateWebhookEndpointRequestSchema,
+  UpdateWebhookEndpointRequestSchema,
+  WebhookEndpointResponseSchema,
+  ListWebhookEndpointsQuerySchema,
+  WebhookEndpointSchemas
+} from './api-schemas'
+export type {
+  CreateWebhookEndpointRequest,
+  UpdateWebhookEndpointRequest,
+  WebhookEndpointResponse,
+  ListWebhookEndpointsQuery
+} from './api-schemas'